GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,034 advisories
Filter by severity
Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events
Moderate
CVE-2024-47003
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Sep 26, 2024
Spring Framework DoS via conditional HTTP request
Moderate
CVE-2024-38809
was published
for
org.springframework:spring-web
(Maven)
Sep 24, 2024
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom...
Moderate
Unreviewed
CVE-2023-39203
was published
Nov 15, 2023
Denial of service in rocket chat message parser
Moderate
CVE-2024-46935
was published
for
@rocket.chat/message-parser
(npm)
Sep 25, 2024
Strapi's field level permissions not being respected in relationship title
Moderate
CVE-2023-37263
was published
for
@strapi/plugin-content-manager
(npm)
Sep 13, 2023
Due to an allocation of resources without limits, an uncontrolled resource consumption...
Moderate
Unreviewed
CVE-2023-51393
was published
Feb 23, 2024
A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be...
Moderate
Unreviewed
CVE-2024-0240
was published
Feb 15, 2024
An issue was discovered in ImfHpRegFilter.sys in IOBit Malware Fighter version 8.0.2, allows...
Moderate
Unreviewed
CVE-2020-24089
was published
Sep 20, 2023
A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an...
Moderate
Unreviewed
CVE-2023-2683
was published
Jun 15, 2023
Regular Expression Denial of Service (ReDoS) in Jinja2
Moderate
CVE-2020-28493
was published
for
jinja2
(pip)
Mar 19, 2021
Sydent DoS (via resource exhaustion) due to improper input validation
Moderate
CVE-2021-29433
was published
for
matrix-sydent
(pip)
Apr 16, 2021
Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet
Moderate
CVE-2021-21419
was published
for
eventlet
(pip)
May 7, 2021
Django Denial-of-service in django.utils.text.Truncator
Moderate
CVE-2023-43665
was published
for
Django
(pip)
Nov 3, 2023
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
Moderate
CVE-2023-41164
was published
for
django
(pip)
Nov 3, 2023
A
segmentation fault can occur in Brocade Fabric OS after Brocade Fabric
OS v9.0 and before...
Moderate
Unreviewed
CVE-2023-4162
was published
Aug 31, 2023
Django is vulnerable to Denial of Service attack in formset
Moderate
CVE-2013-0306
was published
for
Django
(pip)
May 5, 2022
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify...
Moderate
Unreviewed
CVE-2024-8892
was published
Sep 18, 2024
vLLM Denial of Service via the best_of parameter
Moderate
CVE-2024-8939
was published
for
vllm
(pip)
Sep 17, 2024
Django vulnerable to Denial of Service via i18n middleware component
Moderate
CVE-2007-5712
was published
for
Django
(pip)
May 1, 2022
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service ...
Moderate
Unreviewed
CVE-2018-19881
was published
May 14, 2022
Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications...
Moderate
Unreviewed
CVE-2023-21925
was published
Apr 18, 2023
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used...
Moderate
Unreviewed
CVE-2023-42669
was published
Nov 6, 2023
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The...
Moderate
Unreviewed
CVE-2024-33881
was published
Jun 24, 2024
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources
Moderate
GHSA-mmwx-rj87-vfgr
was published
for
dnsjava:dnsjava
(Maven)
Jul 22, 2024
ProTip!
Advisories are also available from the
GraphQL API